Over half (54 percent) of those who participated in Immuta's third annual State of Data Engineering Survey say one of their biggest challenges is securing data with appropriate access rights. While nearly 60 percent believe their organizations should…

Zerobot is a new Go-based botnet that has been observed in the wild spreading by exploiting nearly two dozen security flaws in Internet of Things (IoT) devices and other software. According to Fortinet FortiGuard Labs researcher Cara Lin, the botnet…

The cybersecurity firm Trellix has released its annual threat predictions report for 2023. Trellix Advanced Research Center forecasts an increase in geopolitically motivated attacks across Asia and Europe, as well as hacktivism driven by tensions between…

The New Zealand government recently confirmed being impacted by a ransomware attack on managed service provider (MSP) Mercury IT, which has disrupted businesses and public authorities in the country.  Mercury IT is a small business with only 25…

Phosphorus Labs reported that 99 percent of Extended Internet of Things (xIoT) device passwords violate industry best practices. The study discovered that 68 percent of xIoT devices have high-risk or CVSS scores of 8-10. According to the report, 80…

It can take at least an hour for even the most skilled hackers to write a script to exploit a software vulnerability and infiltrate their target. However, a machine may soon be able to do it in seconds. Brendan Dolan-Gavitt, a computer security…

Google recently announced the December 2022 Android updates with patches for over 75 vulnerabilities, including multiple critical remote code execution (RCE) flaws.  The most severe of the RCE bugs is CVE-2022-20411, an issue in Android’s System…

Corvus Insurance published the findings of its third Corvus Risk Insights Index, which is a compilation of industry trends and data analysis. The findings of the report are drawn from data sources used by Corvus to power its underwriting and risk…

Antwerp, Belgium, is working to restore digital services that were disrupted by a cyberattack on its digital provider. The outage has impacted services used by citizens, schools, daycare centers, and law enforcement, all of which have been operating…

ConductorOne made their identity connectors open-source in a project called Baton, which is available on GitHub. Each connector enables developers to extract, normalize, and interact with workforce identity data such as user accounts, permissions, roles…

The state-owned VTB Bank, Russia's second-largest financial institution, has reported the largest Distributed Denial-of-Service (DDoS) attack in its history. The pro-Ukraine collective IT Army of Ukraine has claimed responsibility for the DDoS attacks as…

A Russia-connected state-sponsored hacking group has been linked to attack infrastructure that spoofs the Microsoft login page of Global Ordnance, a legitimate US-based military weapons and hardware supplier. Recorded Future attributed the new…